github-actions[bot]
9cb7fa57f6
New Crowdin Translations (automated) ( #27080 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
github-actions[bot]
40702a81fa
New Crowdin Translations (automated) ( #27052 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Claire
8acc75435b
Change S3 checksum mode to be disabled by default ( #27007 )
2023-09-21 14:00:51 +02:00
github-actions[bot]
effe4728cf
New Crowdin Translations (automated) ( #27005 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-21 11:06:04 +02:00
github-actions[bot]
61fe25fe74
New Crowdin Translations (automated) ( #26988 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-20 13:05:56 +02:00
Jasmin
3b69a29703
Merge changes of 4.0.7..4.0.10 ( #1324 )
...
This includes all changes made in
https://github.com/mastodon/mastodon/releases/tag/v4.0.7 and
https://github.com/mastodon/mastodon/releases/tag/v4.0.8 and therefore
requires:
⚠️ Restart of all Mastodon processes, especially the Streaming
API
There was a conflict during the merge inside the `streaming/index.js`,
which was related to the following snippet:
```js
// Only send local-only statuses to logged-in users
if (payload.local_only && !req.accountId) {
log.silly(req.requestId, `Message ${payload.id} filtered because it was local-only`);
return;
}
```
I've placed it at the same spot where it was previously, so everything
should work as before. ~~**However, I still need to test those changes,
which is what I'll be doing after submitting this PR as draft.**~~
Checked the changes against our instance, everything is working as
expected as logged-in user. Haven't checked the public timelines where
the above snippet would be relevant, as we are using `AUTHORIZED_FETCH`
and I would like to keep it enabled. ^^
If the base branch is not correct, feel free to change it.
Everything is already deployed on queer.group and working fine there.
---------
Co-authored-by: Michael Stanclift <mx@vmstan.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
Co-authored-by: Renaud Chaput <renchap@gmail.com>
Co-authored-by: Daniel M Brasil <danielmbrasil@protonmail.com>
Co-authored-by: yufushiro <62991447+yufushiro@users.noreply.github.com>
Co-authored-by: Nicolai Søborg <NicolaiSoeborg@users.noreply.github.com>
2023-09-19 19:49:27 -07:00
github-actions[bot]
73ecc4de6e
New Crowdin Translations (automated) ( #26978 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-19 16:26:51 +02:00
github-actions[bot]
67eaaa4b90
New Crowdin Translations (automated) ( #26966 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-19 10:41:48 +02:00
github-actions[bot]
1b4902fabf
New Crowdin Translations (automated) ( #26913 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-18 13:46:07 +02:00
Claire
a04ae16201
Fix CSP when using `ONE_CLICK_SSO_LOGIN` ( #26901 )
2023-09-13 19:54:04 +02:00
github-actions[bot]
921c6fe654
New Crowdin Translations (automated) ( #26498 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-13 15:10:41 +02:00
Robert R George
20666482ef
Added admin api for managing tags ( #26872 )
2023-09-13 11:22:53 +02:00
CSDUMMI
9a70cac9de
Fix #26849 by adding the domain of the current SSO provider to the form-action CSP ( #26857 )
2023-09-12 13:04:51 +02:00
Renaud Chaput
e9b528eaee
Use NodeJS v20 by default ( #26830 )
2023-09-08 13:45:34 +02:00
Claire
475783d567
Add timezone to datetimes in e-mails ( #26822 )
2023-09-06 17:25:39 +02:00
Claire
cab4cbfa5c
Fix “Scoped order is ignored, it's forced to be batch order.” warnings ( #26793 )
2023-09-05 15:37:23 +02:00
Christian Schmidt
ea31929776
Fix invalid Content-Type header for WebP images ( #26773 )
2023-09-04 09:46:33 +02:00
Claire
16681e0f20
Add admin notifications for new Mastodon versions ( #26582 )
2023-09-01 17:47:07 +02:00
Claire
9e26cd5503
Add `authorized_fetch` server setting in addition to env var ( #25798 )
2023-09-01 15:41:10 +02:00
Christian Schmidt
075cc8e8a6
Improve Codespaces port forwarding ( #26400 )
2023-08-29 10:20:36 +02:00
Christian Schmidt
286a21afdc
Support webpacker live-reloading on Docker ( #26419 )
2023-08-29 10:17:57 +02:00
Lukas Martini
a7d96e6aff
Improve error messages when DeepL quota is exceeded ( #26704 )
2023-08-29 09:14:44 +02:00
jsgoldstein
30c191aaa0
Add new public status index ( #26344 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-24 16:40:04 +02:00
Claire
163b004bb1
Change admin e-mail notification settins to be their own settings group ( #26596 )
2023-08-24 14:43:00 +02:00
Renaud Chaput
bb2db2aec0
Add `circular-dependency-plugin` to detect any circular deps issues ( #26600 )
2023-08-22 13:24:16 +02:00
Claire
ac0eb0533e
Add Elasticsearch cluster health check and indexes mismatch check to dashboard ( #26448 )
2023-08-21 16:50:22 +02:00
Claire
191d302b7f
Refactor `Api::V1::ProfilesController` into two separate controllers ( #26573 )
2023-08-21 15:47:09 +02:00
Daniel M Brasil
d24a87ce4f
Add ability to delete avatar or header picture via the API ( #25124 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-21 08:44:35 +02:00
Renaud Chaput
b95867ad1f
Allow setting a custom HTTP method in CacheBuster ( #26528 )
...
Co-authored-by: Jorijn Schrijvershof <jorijn@jorijn.com>
2023-08-18 08:18:40 +02:00
Claire
cc4560d95b
Change “privacy and reach” settings so that unchecking boxes always increase privacy and checking them always increase reach ( #26508 )
2023-08-17 09:13:26 +02:00
Claire
dd049fc37a
Fix ES_PRESET not being applied to Chewy's internal index ( #26489 )
2023-08-14 19:00:56 +02:00
Claire
fc5ab2dc83
Add privacy tab in profile settings ( #26484 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 18:52:45 +02:00
Claire
f5778caa3a
Add `ES_PRESET` option to customize numbers of shards and replicas ( #26483 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 17:46:16 +02:00
github-actions[bot]
c452ccd913
New Crowdin Translations (automated) ( #26444 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-14 14:54:31 +02:00
Claire
4bc0dd751c
Add `S3_DISABLE_CHECKSUM_MODE` environment variable for compatibility with some S3-compatible providers ( #26435 )
2023-08-10 14:15:18 +02:00
github-actions[bot]
8cbf4a5296
New Crowdin Translations (automated) ( #26373 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-10 09:47:42 +02:00
Claire
2c204d904b
Change `DB_REPLICA_*` environment variables to `REPLICA_DB_*` ( #26386 )
2023-08-08 13:59:40 +02:00
github-actions[bot]
d2dbaba407
New Crowdin Translations (automated) ( #26209 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-07 13:37:54 +02:00
Claire
12c43e4ab5
Re-add StatsD support through the `nsa` gem ( #26310 )
2023-08-03 20:28:14 +02:00
Claire
3105fef21a
Rename “read” database to “replica” for consistency ( #26326 )
2023-08-03 16:17:09 +02:00
Daniel M Brasil
3a4d3e9d4b
Add `GET /api/v1/instance/languages` to REST API ( #24443 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-03 11:25:47 +02:00
Eugen Rochko
a0fad5c8bb
Change indexing frequency from 5 minutes to 1 minute, add locks to schedulers ( #26304 )
2023-08-03 11:04:05 +02:00
Emelia Smith
e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode ( #26252 )
2023-08-02 19:32:48 +02:00
Eugen Rochko
2cbdff97ce
Change design of role badges in web UI ( #26281 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-02 17:24:32 +02:00
Christian Schmidt
f2257069b2
Fix AVIF attachments ( #26264 )
2023-08-01 19:34:11 +02:00
Christian Schmidt
d76f79f647
Remove obsolete backport from Rails 7 ( #26254 )
2023-07-29 22:28:05 +02:00
Matt Jankowski
74903af7ce
Ignore the brakeman `PermitAttributes` check ( #25915 )
2023-07-28 23:17:53 +02:00
Matt Jankowski
ad81be6c8e
Update rubocop rules for linelength ( #26190 )
2023-07-28 23:11:45 +02:00
Renaud Chaput
4d1b67f664
Add end-to-end (system) tests ( #25461 )
2023-07-28 23:09:49 +02:00
Claire
b4e739ff0f
Change interaction modal in web UI ( #26075 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-27 16:11:17 +02:00
Matt Jankowski
b06763dc11
Remove the `sr` locale override .rb files ( #25927 )
2023-07-26 15:39:53 +02:00
github-actions[bot]
b9adea9695
New Crowdin Translations (automated) ( #26072 )
...
Co-authored-by: GitHub Actions <noreply@github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-26 13:46:16 +02:00
Matt Jankowski
bada7a65aa
Ignore long line in regex initializer ( #26182 )
2023-07-26 09:45:27 +02:00
Eugen Rochko
4d01d1a1ee
Remove 16:9 cropping from web UI ( #26132 )
2023-07-24 13:46:55 +02:00
mogaminsk
db310f383d
Fix missing translation strings for importing lists ( #26120 )
2023-07-23 15:57:57 +02:00
Christian Schmidt
296ec6cf57
Override default Action Mailer `preview_path` ( #26110 )
2023-07-21 21:12:57 +02:00
gunchleoc
217ef7f2af
Replace 'favourite' by 'favorite' for American English ( #26009 )
2023-07-21 19:09:13 +02:00
Claire
889102013f
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 16:07:43 +02:00
Claire
efd066670d
Fix moderation interface for remote instances with a .zip TLD ( #25885 )
2023-07-21 16:07:43 +02:00
Claire
69c8f26946
Add check preventing Sidekiq workers from running with Makara configured ( #25850 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-21 14:18:04 +02:00
Claire
e5f1000ad1
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 13:34:15 +02:00
Claire
934c7b33d1
Change default KeyGenerator digest to SHA1 to fix cookies in rolling upgrades ( #26023 )
2023-07-21 13:17:43 +02:00
Renaud Chaput
42698b4c5c
Fix the crossorigin attribute ( #26096 )
2023-07-21 11:14:26 +02:00
gunchleoc
cabe1ea560
Change casing for 'Server Settings' string ( #26011 )
2023-07-20 15:17:40 +02:00
Misty De Méo
b848ba3867
Paperclip: add support for Azure blob storage ( #23607 )
2023-07-19 09:02:49 +02:00
Matt Jankowski
6edd404482
Cleanup unused portions of statuses/status partial ( #26045 )
2023-07-19 08:44:16 +02:00
github-actions[bot]
47832a1ac0
New Crowdin Translations (automated) ( #26054 )
...
Co-authored-by: renchap <renchap@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-18 21:13:25 +02:00
Eugen Rochko
26e522ac55
Fix not actually connecting to the configured replica ( #25977 )
2023-07-17 08:26:52 +02:00
Stanislas Signoud
5fad7bd58a
Change links in multi-column mode so tabs are open in single-column mode ( #25893 )
2023-07-13 17:18:09 +02:00
Claire
41f65edb21
Fix embed dropdown menu item for unauthenticated users ( #25964 )
2023-07-13 15:53:03 +02:00
Matt Jankowski
644c5fddd8
Refactor `Status.tagged_with_all` for brakeman SQL injection warning ( #25941 )
2023-07-13 15:52:37 +02:00
Matt Jankowski
ce43ed144c
Rails 7.0 update ( #25668 )
2023-07-13 09:36:07 +02:00
Matt Jankowski
1ef014802b
Refactor `Trends::Query` to avoid brakeman sql injection warnings ( #25881 )
2023-07-12 14:19:20 +02:00
Matt Jankowski
f831452037
Refactor `Snowflake` to avoid brakeman sql injection warnings ( #25879 )
2023-07-12 10:44:58 +02:00
Matt Jankowski
2e1391fdd2
Fix `Naming/MemoizedInstanceVariableName` cop ( #25928 )
2023-07-12 10:08:51 +02:00
Matt Jankowski
b786911c55
Fix `Lint/SendWithMixinArgument` cop ( #25920 )
2023-07-12 10:02:32 +02:00
Nick Schonning
1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment ( #23793 )
2023-07-12 09:47:08 +02:00
Claire
9411fa4d36
Update brakeman ignores ( #25912 )
2023-07-11 17:08:37 +02:00
Nick Schonning
e11032585b
Run brakeman in GitHub Actions ( #23713 )
2023-07-11 15:23:57 +02:00
Claire
4b5851974c
Fix moderation interface for remote instances with a .zip TLD ( #25885 )
2023-07-10 18:42:10 +02:00
Matt Jankowski
cf33028f35
Admin mailer parameterization ( #25759 )
2023-07-08 20:03:38 +02:00
Kurtis Rainbolt-Greene
e4cfe4b3db
First pass at multi-database for read replica using Rails native adapter ( #25693 )
...
Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com>
2023-07-08 19:45:36 +02:00
Matt Jankowski
0f9b803eb3
Regenerate brakeman ignore, pruning warnings ( #25749 )
2023-07-08 11:07:19 +02:00
Jasmin
0728a6a709
Merge upstream security fixes of v4.0.5 ( #1316 )
...
It's already running on our instance (queer.group) and working fine.
Manually reviewed the changes, hadn't found anything that could break
hometown-specific code.
And to update our instance, I also just followed the [steps on the
release](https://github.com/mastodon/mastodon/releases/tag/v4.0.5 ) aka
`bundle install && yarn install` followed by a restart of all processes.
---------
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Co-authored-by: Daniel M Brasil <danielmbrasil@protonmail.com>
Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
Co-authored-by: Vyr Cossont <VyrCossont@users.noreply.github.com>
Co-authored-by: Renaud Chaput <renchap@gmail.com>
2023-07-06 12:30:13 -07:00
Claire
0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire
dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Renaud Chaput
8eb1bb8ba6
Allow carets in URL search params ( #25216 )
2023-07-06 13:45:40 +02:00
Claire
e65e3a6d14
Add finer permission requirements for managing webhooks ( #25463 )
2023-07-06 13:45:40 +02:00
Claire
a197fc094f
Fix CSP headers when S3_ALIAS_HOST includes a path component ( #25273 )
2023-07-06 13:45:40 +02:00
Claire
cca464bce3
Fix being able to vote on your own polls ( #25015 )
2023-07-06 13:45:40 +02:00
Eugen Rochko
54a10523e2
Change labels of live feeds tabs in web UI ( #25683 )
2023-07-03 22:57:18 +02:00
Eugen Rochko
ba06a2f104
Revert "Rails 7 update" ( #25667 )
2023-07-02 11:14:22 +02:00
Matt Jankowski
50c2a03695
Rails 7 update ( #24241 )
2023-07-02 10:38:53 +02:00
Matt Jankowski
f8bd581126
Remove unused routes ( #25578 )
2023-07-01 21:48:53 +02:00
Claire
1d622c8033
Add POST /api/v1/conversations/:id/unread ( #25509 )
2023-06-22 18:46:43 +02:00
Matt Jankowski
c9cd634184
Use default `bootsnap/setup` in boot.rb ( #25502 )
2023-06-22 18:46:32 +02:00
Claire
602c458ab6
Add finer permission requirements for managing webhooks ( #25463 )
2023-06-22 14:52:25 +02:00
Eugen Rochko
bca649ba79
Change edit profile page ( #25413 )
2023-06-14 04:38:07 +02:00
Eugen Rochko
39110d1d0a
Fix CAPTCHA page not following design pattern of sign-up flow ( #25395 )
2023-06-13 22:30:40 +02:00
Eugen Rochko
6637ef7852
Add unsubscribe link to e-mails ( #25378 )
2023-06-12 14:22:46 +02:00